Temporary, Contractor, Full-time
Access Control, Amazon Web Services (AWS), Architectural Services, Authentication, Best Practices, Citrix Product Family, Cloud Computing, Cost Control, DNS (Domain Name System), High Availability, Identity Federation, Microsoft Active Directory, Microsoft Product Family, Microsoft Windows Azure, Microsoft Windows NT Group Policy, OAuth, OpenID, Security Architecture, Security Assertion Markup Language (SAML), Single Sign-On (SSO), Software as a Service (SaaS), User Interface/Experience (UI/UX), VMWare View, VPN (Virtual Private Network)
AWS Workspaces Architect & Identity Integration SME
The AWS WorkSpaces Architect will be responsible for end-to-end design and automated implementation of the AWS WorkSpaces environment, with a strong focus on identity integration, authentication, and secure access. The SME will ensure seamless integration between AWS Workspaces, Active Directory, MFA solutions, and enterprise SaaS/on-prem applications.
The qualified candidate will be responsible for the following:
- Design and implement AWS Workspaces architecture aligned to user personas and workload requirements
- Lead AWS Workspaces technology implementation to support performance, security, and user experience needs
- Integrate AWS Workspaces with Active Directory (on-prem and/or cloud-based)
- Provide short-term (tactical) and long-term (strategic) options based on best practices
- Implement and enforce MFA across Workspaces and integrated applications
- Configure Single Sign-On (SSO) for Office 365, OneDrive, SaaS, and enterprise applications
- Define identity governance, RBAC models, and conditional access policies
- Ensure secure identity federation and directory integration (AD Connector, AWS Managed AD, Azure AD/Entra ID)
- Collaborate with security teams to align authentication and access controls with enterprise policies
- Provide architectural guidance on high availability, scalability, and cost optimization
The qualified candidate must have the following skills and experience:
- Deep expertise in AWS Workspaces and AWS EUC services
- Strong experience with Active Directory (GPOs, DNS, trusts, hybrid identity)
- Hands-on experience with various MFA solutions
- Experience with SSO protocols (SAML, OAuth, OpenID Connect)
- Knowledge of Azure AD / Entra ID and hybrid identity architectures
- Strong understanding of AWS networking (VPC, VPN, Direct Connect)
- Experience integrating Workspaces with enterprise SaaS platforms (e.g., Microsoft 365, Workday, etc.)
- Familiarity with Citrix/VMware VDI environments for migration context
It would be nice for the qualified candidate to have the following:
- AWS certifications (e.g., AWS Solutions Architect, AWS Advanced Networking)
- Experience with Zero Trust security architecture
- Prior experience with large-scale (500+ users) EUC deployments
The client is based in the New York Metropolitan area for this 100% remote opportunity. The qualified candidate must be able to work East Coast hours. Applicants must be authorized to work in the U.S. We are unable to sponsor or take over sponsorship for an employment visa currently. We are unable to work with third-party companies. For additional information and immediate consideration, please email your resume and LinkedIn profile to recruiter@selectsolutionsgroup.com.
S
Select Solutions Group LLC